EPSS
Percentile
60.5%
An overly permissive CORS policy in Devolutions Server before 2021.1 and Devolutions Server LTS before 2020.3.18 allows a remote attacker to leak cross-origin data via a crafted HTML page.
devolutions.net/security/advisories/DEVO-2021-0004